-
Notifications
You must be signed in to change notification settings - Fork 139
Common REST API v2
Warning
|
This feature is still under development. The API might still change. Do not use it in production. |
These endpoints are available in multiple subsystem application.
Path | Method | Parameters | Return code | App | Mime | Input |
---|---|---|---|---|---|---|
|
|
None |
200 |
ca, kra, ocsp, tks, tps |
|
|
Example$ curl --cacert ./ca_signing.crt --cert ca_admin_cert.p12:Secret.123 \ --cert-type P12 -c session_cookie https://$HOSTNAME:8443/ca/v2/account/login { "id" : "caadmin", "FullName" : "caadmin", "Email" : "[email protected]", "Roles" : [ "Administrators", "Certificate Manager Agents", "Enterprise CA Administrators", "Enterprise KRA Administrators", "Enterprise OCSP Administrators", "Enterprise RA Administrators", "Enterprise TKS Administrators", "Enterprise TPS Administrators", "Security Domain Administrators" ], "Attributes" : { "Attribute" : [ ] } } |
||||||
|
|
None |
204 |
ca, kra, ocsp, tks, tps |
No output expected |
|
Example$ curl --cacert ./ca_signing.crt -b session_cookie https://$HOSTNAME:8443/ca/v2/account/logout |
||||||
|
|
start, size, filter |
200 |
ca, kra, ocsp, tks, tps |
|
|
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ "https://$HOSTNAME:8443/ca/v2/admin/groups?size=3&filter=Admin" { "total" : 8, "entries" : [ { "id" : "Administrators", "GroupID" : "Administrators", "Description" : "People who manage the Certificate System" }, { "id" : "Security Domain Administrators", "GroupID" : "Security Domain Administrators", "Description" : "People who are the Security Domain administrators" }, { "id" : "Enterprise CA Administrators", "GroupID" : "Enterprise CA Administrators", "Description" : "People who are the administrators for the security domain for CA" } ] } |
||||||
|
|
None |
201 |
ca, kra, ocsp, tks, tps |
|
A json of a single group with |
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ --json '{"GroupID": "NewGroup", "Description":"This is a new group"}' \ https://$HOSTNAME:8443/ca/v2/admin/groups { "id" : "NewGroup", "GroupID" : "NewGroup", "Description" : "This is a new group" } |
||||||
|
|
None |
200 |
ca, kra, ocsp, tks, tps |
|
|
Example$ curl --cacert ./ca_signing.crt -b session_cookie https://$HOSTNAME:8443/ca/v2/admin/groups/newGroup { "id" : "NewGroup", "GroupID" : "NewGroup", "Description" : "This is a new group" } |
||||||
|
|
None |
200 |
ca, kra, ocsp, tks, tps |
|
A group json with only the information to update |
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ --json '{"Description":"This is the new group"}' \ -X PATCH https://$HOSTNAME:8443/ca/v2/admin/groups/newGroup { "id" : "NewGroup", "GroupID" : "NewGroup", "Description" : "This is the new group" } |
||||||
|
|
None |
204 |
ca, kra, ocsp, tks, tps |
||
Example$ curl --cacert ./ca_signing.crt -b session_cookie -X DELETE https://$HOSTNAME:8443/ca/v2/admin/groups/newGroup |
||||||
|
|
start, size, filter |
200 |
ca, kra, ocsp, tks, tps |
|
|
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ https://$HOSTNAME:8443/ca/v2/admin/groups/Administrators/members { "total" : 1, "entries" : [ { "id" : "caadmin", "groupID" : "Administrators" } ] } |
||||||
|
|
None |
201 |
ca, kra, ocsp, tks, tps |
|
A json with |
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ --json '{"id": "caadmin"}' \ https://$HOSTNAME:8443/ca/v2/admin/groups/NewGroup/members { "id" : "caadmin", "groupID" : "NewGroup" } |
||||||
|
|
None |
200 |
ca, kra, ocsp, tks, tps |
|
|
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ https://$HOSTNAME:8443/ca/v2/admin/groups/NewGroup/members/caadmin { "id" : "caadmin", "groupID" : "NewGroup" } |
||||||
|
|
None |
204 |
ca, kra, ocsp, tks, tps |
||
Example$ curl --cacert ./ca_signing.crt -b session_cookie -X DELETE https://$HOSTNAME:8443/ca/v2/admin/groups/NewGroup/members/caadmin |
||||||
|
|
start, size, filter |
200 |
ca, kra, ocsp, tks, tps |
|
|
Example$ curl --cacert ./ca_signing.crt -b session_cookie "https://$HOSTNAME:8443/ca/v2/admin/users?size=3&filter=Admin" { "total" : 1, "entries" : [ { "id" : "caadmin", "UserID" : "caadmin", "FullName" : "caadmin" } ] } |
||||||
|
|
None |
201 |
ca, kra, ocsp, tks, tps |
|
A json for the user with |
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ --json '{"UserID": "newUser", "FullName":"New User"}' \ https://$HOSTNAME:8443/ca/v2/admin/users { "id" : "newUser", "UserID" : "newUser", "FullName" : "New User" } |
||||||
|
|
None |
200 |
ca, kra, ocsp, tks, tps |
|
|
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ https://$HOSTNAME:8443/ca/v2/admin/users/newUser { "id" : "newUser", "UserID" : "newUser", "FullName" : "New User" } |
||||||
|
|
None |
200 |
ca, kra, ocsp, tks, tps |
|
A json with user information to update |
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ --json '{"FullName":"The New User"}' \ -X PATCH https://$HOSTNAME:8443/ca/v2/admin/users/newUser { "id" : "newUser", "UserID" : "newUser", "FullName" : "The New User" } |
||||||
|
|
None |
204 |
ca, kra, ocsp, tks, tps |
||
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ -X DELETE https://$HOSTNAME:8443/ca/v2/admin/users/newUser |
||||||
|
|
size, start |
200 |
ca, kra, ocsp, tks, tps |
|
|
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ https://$HOSTNAME:8443/ca/v2/admin/users/newUser/certs { "total" : 1, "entries" : [ { "Version" : 2, "SerialNumber" : "0xa53c5f8e01bab930295a1c56134e2173", "IssuerDN" : "CN=CA Signing Certificate,OU=pki-tomcat,O=EXAMPLE", "SubjectDN" : "UID=newUser", "id" : "2;219636095195869852359558645775241978227;CN=CA Signing Certificate,OU=pki-tomcat,O=EXAMPLE;UID=newUser" } ] } |
||||||
|
|
None |
201 |
ca, kra, ocsp, tks, tps |
|
Json with certificate in pem format inside |
Example$ curl --cacert ./ca_signing.crt -b session_cookie --json '{"Encoded":"-----BEGIN CERTIFICATE-----\nMIIEATCCAmmgAwIBAgIRAKU8X44BurkwKVocVhNOIXMwDQYJKoZIhvcNAQELBQAwSDEQMA4GA1UE\r\nCgwHRVhBTVBMRTETMBEGA1UECwwKcGtpLXRvbWNhdDEfMB0GA1UEAwwWQ0EgU2lnbmluZyBDZXJ0\r\naWZpY2F0ZTAeFw0yNDEwMzAwOTQwNDBaFw0yNTA0MjgwOTQwNDBaMBkxFzAVBgoJkiaJk/IsZAEB\r\nDAduZXdVc2VyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnk0Am3aRZevdPqLtDh4\r\nGkukZ89SrCBYqz/yWyIDdEnTHtJUdyJwbwgLkKz9GsE3ZwA1qLgQ8C8eOmUS8DNGm7+YTjwPeC+H\r\nnXxahsivqDeuyrc6nzbayCj4BWk+XMyqi8zPi84EXQ5eC3+qCx5ZEgyW8anjtjSX/09yLFxWRCoh\r\nHq7KR3Cp6LJlO+71bH/FBFfo4v+mA5WwjqdZ+GM9a7NlqyvrmGcUB+2q7LmuCjKCqGYRciIXsy6p\r\nYLhUnxfbtwxLZxmGzejawrciqtj40U3NmdkkDJ+niyD7C75w5TfhmZwmDSpHs76AmgPELBpSkiyE\r\nwdyyaiL53OjMQ5uD/wIDAQABo4GUMIGRMB8GA1UdIwQYMBaAFKd99i1O4mgUWWajjK3k83bEAOEl\r\nMD8GCCsGAQUFBwEBBDMwMTAvBggrBgEFBQcwAYYjaHR0cDovL3BraS5leGFtcGxlLmNvbTo4MDgw\r\nL2NhL29jc3AwDgYDVR0PAQH/BAQDAgXgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAN\r\nBgkqhkiG9w0BAQsFAAOCAYEAAQHZeYhrTYFofmGlOorwszMdmnSITwDjQjfu8K1Sh5geJOjrYos7\r\nPIa3uCYTneN/e/f/s9fTZoPrEycQL3rHjgjuQrAakQ48w8K0LKmVUmaVcwS+DCtcgHrBM965YVuP\r\nGw0vxGL+AhJDfH49rbX/2LAqcUMkA/Vc2oDQzb9Es6h20fEpaBVv5ehAbWWU6EOkBLN1/12VKY2e\r\nQFSTbdmPLnGHzcaX7Nmgl+u8jVzuysdTYpgHCQ7tonfE7NNQTHQt8p63fBDaDMUwBlfIDh3Omkef\r\nAofXpvF7Y1X7sy7wfeSqSXYPDcY4A3d+r7Y3qfyuqYc9/Xz+XzhTvEQfjd/gFiZjB23u2et1AhGD\r\n6dmQIhUWOW+OyDx3EdB+OAPFpgTK+VdaUr76zzEFXaZCGnkUhskQujg9495WCs+eQLWznTy3Zuz+\r\nssx5jgbLN46RjBcKlVyGSEtuC6uRwuwGbtQcp7kBGNeHsHBZeQ5fzUdls4B+RZHZWP3OSqpdEJKq\r\n8/gh\r\n-----END CERTIFICATE-----\n"}' \ https://$HOSTNAME:8443/ca/v2/admin/users/newUser/certs { "Version" : 2, "SerialNumber" : "0xa53c5f8e01bab930295a1c56134e2173", "IssuerDN" : "CN=CA Signing Certificate,OU=pki-tomcat,O=EXAMPLE", "SubjectDN" : "UID=newUser", "Encoded" : "-----BEGIN CERTIFICATE-----\nMIIEATCCAmmgAwIBAgIRAKU8X44BurkwKVocVhNOIXMwDQYJKoZIhvcNAQELBQAwSDEQMA4GA1UE\r\nCgwHRVhBTVBMRTETMBEGA1UECwwKcGtpLXRvbWNhdDEfMB0GA1UEAwwWQ0EgU2lnbmluZyBDZXJ0\r\naWZpY2F0ZTAeFw0yNDEwMzAwOTQwNDBaFw0yNTA0MjgwOTQwNDBaMBkxFzAVBgoJkiaJk/IsZAEB\r\nDAduZXdVc2VyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnk0Am3aRZevdPqLtDh4\r\nGkukZ89SrCBYqz/yWyIDdEnTHtJUdyJwbwgLkKz9GsE3ZwA1qLgQ8C8eOmUS8DNGm7+YTjwPeC+H\r\nnXxahsivqDeuyrc6nzbayCj4BWk+XMyqi8zPi84EXQ5eC3+qCx5ZEgyW8anjtjSX/09yLFxWRCoh\r\nHq7KR3Cp6LJlO+71bH/FBFfo4v+mA5WwjqdZ+GM9a7NlqyvrmGcUB+2q7LmuCjKCqGYRciIXsy6p\r\nYLhUnxfbtwxLZxmGzejawrciqtj40U3NmdkkDJ+niyD7C75w5TfhmZwmDSpHs76AmgPELBpSkiyE\r\nwdyyaiL53OjMQ5uD/wIDAQABo4GUMIGRMB8GA1UdIwQYMBaAFKd99i1O4mgUWWajjK3k83bEAOEl\r\nMD8GCCsGAQUFBwEBBDMwMTAvBggrBgEFBQcwAYYjaHR0cDovL3BraS5leGFtcGxlLmNvbTo4MDgw\r\nL2NhL29jc3AwDgYDVR0PAQH/BAQDAgXgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAN\r\nBgkqhkiG9w0BAQsFAAOCAYEAAQHZeYhrTYFofmGlOorwszMdmnSITwDjQjfu8K1Sh5geJOjrYos7\r\nPIa3uCYTneN/e/f/s9fTZoPrEycQL3rHjgjuQrAakQ48w8K0LKmVUmaVcwS+DCtcgHrBM965YVuP\r\nGw0vxGL+AhJDfH49rbX/2LAqcUMkA/Vc2oDQzb9Es6h20fEpaBVv5ehAbWWU6EOkBLN1/12VKY2e\r\nQFSTbdmPLnGHzcaX7Nmgl+u8jVzuysdTYpgHCQ7tonfE7NNQTHQt8p63fBDaDMUwBlfIDh3Omkef\r\nAofXpvF7Y1X7sy7wfeSqSXYPDcY4A3d+r7Y3qfyuqYc9/Xz+XzhTvEQfjd/gFiZjB23u2et1AhGD\r\n6dmQIhUWOW+OyDx3EdB+OAPFpgTK+VdaUr76zzEFXaZCGnkUhskQujg9495WCs+eQLWznTy3Zuz+\r\nssx5jgbLN46RjBcKlVyGSEtuC6uRwuwGbtQcp7kBGNeHsHBZeQ5fzUdls4B+RZHZWP3OSqpdEJKq\r\n8/gh\r\n-----END CERTIFICATE-----\n", "id" : "2;219636095195869852359558645775241978227;CN=CA Signing Certificate,OU=pki-tomcat,O=EXAMPLE;UID=newUser" } |
||||||
|
|
None |
200 |
ca, kra, ocsp, tks, tps |
|
|
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ https://$HOSTNAME:8443/ca/v2/admin/users/newUser/certs/2%3B219636095195869852359558645775241978227%3BCN%3DCA%20Signing%20Certificate%2COU%3Dpki-tomcat%2CO%3DEXAMPLE%3BUID%3DnewUser { "Version" : 2, "SerialNumber" : "0xa53c5f8e01bab930295a1c56134e2173", "IssuerDN" : "CN=CA Signing Certificate,OU=pki-tomcat,O=EXAMPLE", "SubjectDN" : "UID=newUser", "PrettyPrint" : " Certificate: \n Data: \n Version: v3\n Serial Number: 0xA53C5F8E01BAB930295A1C56134E2173\n Signature Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11\n Issuer: CN=CA Signing Certificate, OU=pki-tomcat, O=EXAMPLE\n Validity: \n Not Before: Wednesday, October 30, 2024, 9:40:40?AM Coordinated Universal Time Etc/UTC\n Not After: Monday, April 28, 2025, 9:40:40?AM Coordinated Universal Time Etc/UTC\n Subject: UID=newUser\n Subject Public Key Info: \n Algorithm: RSA - 1.2.840.113549.1.1.1\n Public Key: \n Exponent: 65537\n Public Key Modulus: (2048 bits) :\n BE:79:34:02:6D:DA:45:97:AF:74:FA:8B:B4:38:78:1A:\n 4B:A4:67:CF:52:AC:20:58:AB:3F:F2:5B:22:03:74:49:\n D3:1E:D2:54:77:22:70:6F:08:0B:90:AC:FD:1A:C1:37:\n 67:00:35:A8:B8:10:F0:2F:1E:3A:65:12:F0:33:46:9B:\n BF:98:4E:3C:0F:78:2F:87:9D:7C:5A:86:C8:AF:A8:37:\n AE:CA:B7:3A:9F:36:DA:C8:28:F8:05:69:3E:5C:CC:AA:\n 8B:CC:CF:8B:CE:04:5D:0E:5E:0B:7F:AA:0B:1E:59:12:\n 0C:96:F1:A9:E3:B6:34:97:FF:4F:72:2C:5C:56:44:2A:\n 21:1E:AE:CA:47:70:A9:E8:B2:65:3B:EE:F5:6C:7F:C5:\n 04:57:E8:E2:FF:A6:03:95:B0:8E:A7:59:F8:63:3D:6B:\n B3:65:AB:2B:EB:98:67:14:07:ED:AA:EC:B9:AE:0A:32:\n 82:A8:66:11:72:22:17:B3:2E:A9:60:B8:54:9F:17:DB:\n B7:0C:4B:67:19:86:CD:E8:DA:C2:B7:22:AA:D8:F8:D1:\n 4D:CD:99:D9:24:0C:9F:A7:8B:20:FB:0B:BE:70:E5:37:\n E1:99:9C:26:0D:2A:47:B3:BE:80:9A:03:C4:2C:1A:52:\n 92:2C:84:C1:DC:B2:6A:22:F9:DC:E8:CC:43:9B:83:FF\n Extensions: \n Identifier: Authority Key Identifier - 2.5.29.35\n Critical: no \n Key Identifier: \n A7:7D:F6:2D:4E:E2:68:14:59:66:A3:8C:AD:E4:F3:76:\n C4:00:E1:25\n Identifier: Authority Info Access: - 1.3.6.1.5.5.7.1.1\n Critical: no \n Access Description: \n Method #0: ocsp\n Location #0: URIName: http://pki.example.com:8080/ca/ocsp\n Identifier: Key Usage: - 2.5.29.15\n Critical: yes \n Key Usage: \n Digital Signature \n Non Repudiation \n Key Encipherment \n Identifier: Extended Key Usage: - 2.5.29.37\n Critical: no \n Extended Key Usage: \n clientAuth - 1.3.6.1.5.5.7.3.2\n emailProtection - 1.3.6.1.5.5.7.3.4\n Signature: \n Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11\n Signature: \n 01:01:D9:79:88:6B:4D:81:68:7E:61:A5:3A:8A:F0:B3:\n 33:1D:9A:74:88:4F:00:E3:42:37:EE:F0:AD:52:87:98:\n 1E:24:E8:EB:62:8B:3B:3C:86:B7:B8:26:13:9D:E3:7F:\n 7B:F7:FF:B3:D7:D3:66:83:EB:13:27:10:2F:7A:C7:8E:\n 08:EE:42:B0:1A:91:0E:3C:C3:C2:B4:2C:A9:95:52:66:\n 95:73:04:BE:0C:2B:5C:80:7A:C1:33:DE:B9:61:5B:8F:\n 1B:0D:2F:C4:62:FE:02:12:43:7C:7E:3D:AD:B5:FF:D8:\n B0:2A:71:43:24:03:F5:5C:DA:80:D0:CD:BF:44:B3:A8:\n 76:D1:F1:29:68:15:6F:E5:E8:40:6D:65:94:E8:43:A4:\n 04:B3:75:FF:5D:95:29:8D:9E:40:54:93:6D:D9:8F:2E:\n 71:87:CD:C6:97:EC:D9:A0:97:EB:BC:8D:5C:EE:CA:C7:\n 53:62:98:07:09:0E:ED:A2:77:C4:EC:D3:50:4C:74:2D:\n F2:9E:B7:7C:10:DA:0C:C5:30:06:57:C8:0E:1D:CE:9A:\n 47:9F:02:87:D7:A6:F1:7B:63:55:FB:B3:2E:F0:7D:E4:\n AA:49:76:0F:0D:C6:38:03:77:7E:AF:B6:37:A9:FC:AE:\n A9:87:3D:FD:7C:FE:5F:38:53:BC:44:1F:8D:DF:E0:16:\n 26:63:07:6D:EE:D9:EB:75:02:11:83:E9:D9:90:22:15:\n 16:39:6F:8E:C8:3C:77:11:D0:7E:38:03:C5:A6:04:CA:\n F9:57:5A:52:BE:FA:CF:31:05:5D:A6:42:1A:79:14:86:\n C9:10:BA:38:3D:E3:DE:56:0A:CF:9E:40:B5:B3:9D:3C:\n B7:66:EC:FE:B2:CC:79:8E:06:CB:37:8E:91:8C:17:0A:\n 95:5C:86:48:4B:6E:0B:AB:91:C2:EC:06:6E:D4:1C:A7:\n B9:01:18:D7:87:B0:70:59:79:0E:5F:CD:47:65:B3:80:\n 7E:45:91:D9:58:FD:CE:4A:AA:5D:10:92:AA:F3:F8:21\n FingerPrint\n MD2:\n 08:B7:40:5F:0F:75:9B:7D:CE:6A:E6:02:04:0E:42:CE\n MD5:\n 70:FA:86:85:09:4C:A7:AC:C2:7E:16:12:FE:1C:23:6F\n SHA-1:\n CC:01:B7:F5:26:13:47:D9:A5:2C:05:6B:E0:94:16:7E:\n 62:CD:AB:4D\n SHA-256:\n 1A:00:A6:05:FB:14:33:B4:32:71:73:54:06:DA:52:BB:\n C9:3E:BA:24:CA:C2:4D:B2:9B:7F:A5:F7:F8:55:C0:45\n SHA-512:\n D6:C2:13:5B:5C:06:15:90:E9:78:73:C7:0C:EE:70:19:\n 31:79:1F:AB:43:57:B7:97:C8:D7:00:CA:F3:4A:DD:1B:\n 03:BE:50:10:A8:F6:4A:A0:F3:2E:28:AD:7B:7C:1F:E5:\n 70:ED:22:8E:21:DD:D9:E0:8A:7E:4C:47:D3:56:C5:49\n", "Encoded" : "-----BEGIN CERTIFICATE-----\nMIIEATCCAmmgAwIBAgIRAKU8X44BurkwKVocVhNOIXMwDQYJKoZIhvcNAQELBQAwSDEQMA4GA1UE\r\nCgwHRVhBTVBMRTETMBEGA1UECwwKcGtpLXRvbWNhdDEfMB0GA1UEAwwWQ0EgU2lnbmluZyBDZXJ0\r\naWZpY2F0ZTAeFw0yNDEwMzAwOTQwNDBaFw0yNTA0MjgwOTQwNDBaMBkxFzAVBgoJkiaJk/IsZAEB\r\nDAduZXdVc2VyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnk0Am3aRZevdPqLtDh4\r\nGkukZ89SrCBYqz/yWyIDdEnTHtJUdyJwbwgLkKz9GsE3ZwA1qLgQ8C8eOmUS8DNGm7+YTjwPeC+H\r\nnXxahsivqDeuyrc6nzbayCj4BWk+XMyqi8zPi84EXQ5eC3+qCx5ZEgyW8anjtjSX/09yLFxWRCoh\r\nHq7KR3Cp6LJlO+71bH/FBFfo4v+mA5WwjqdZ+GM9a7NlqyvrmGcUB+2q7LmuCjKCqGYRciIXsy6p\r\nYLhUnxfbtwxLZxmGzejawrciqtj40U3NmdkkDJ+niyD7C75w5TfhmZwmDSpHs76AmgPELBpSkiyE\r\nwdyyaiL53OjMQ5uD/wIDAQABo4GUMIGRMB8GA1UdIwQYMBaAFKd99i1O4mgUWWajjK3k83bEAOEl\r\nMD8GCCsGAQUFBwEBBDMwMTAvBggrBgEFBQcwAYYjaHR0cDovL3BraS5leGFtcGxlLmNvbTo4MDgw\r\nL2NhL29jc3AwDgYDVR0PAQH/BAQDAgXgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAN\r\nBgkqhkiG9w0BAQsFAAOCAYEAAQHZeYhrTYFofmGlOorwszMdmnSITwDjQjfu8K1Sh5geJOjrYos7\r\nPIa3uCYTneN/e/f/s9fTZoPrEycQL3rHjgjuQrAakQ48w8K0LKmVUmaVcwS+DCtcgHrBM965YVuP\r\nGw0vxGL+AhJDfH49rbX/2LAqcUMkA/Vc2oDQzb9Es6h20fEpaBVv5ehAbWWU6EOkBLN1/12VKY2e\r\nQFSTbdmPLnGHzcaX7Nmgl+u8jVzuysdTYpgHCQ7tonfE7NNQTHQt8p63fBDaDMUwBlfIDh3Omkef\r\nAofXpvF7Y1X7sy7wfeSqSXYPDcY4A3d+r7Y3qfyuqYc9/Xz+XzhTvEQfjd/gFiZjB23u2et1AhGD\r\n6dmQIhUWOW+OyDx3EdB+OAPFpgTK+VdaUr76zzEFXaZCGnkUhskQujg9495WCs+eQLWznTy3Zuz+\r\nssx5jgbLN46RjBcKlVyGSEtuC6uRwuwGbtQcp7kBGNeHsHBZeQ5fzUdls4B+RZHZWP3OSqpdEJKq\r\n8/gh\r\n-----END CERTIFICATE-----\n", "id" : "2;219636095195869852359558645775241978227;CN=CA Signing Certificate,OU=pki-tomcat,O=EXAMPLE;UID=newUser" } |
||||||
|
|
None |
204 |
ca, kra, ocsp, tks, tps |
||
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ -X DELETE https://$HOSTNAME:8443/ca/v2/admin/users/newUser/certs/2%3B219636095195869852359558645775241978227%3BCN%3DCA%20Signing%20Certificate%2COU%3Dpki-tomcat%2CO%3DEXAMPLE%3BUID%3DnewUser |
||||||
|
|
size, start, filter |
200 |
ca, kra, ocsp, tks, tps |
|
|
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ https://$HOSTNAME:8443/ca/v2/admin/users/newUser/membership { "total" : 1, "entries" : [ { "id" : "Auditors", "userID" : "newUser" } ] } |
||||||
|
|
None |
201 |
ca, kra, ocsp, tks, tps |
in |
The group name to add the user |
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ --data 'Auditors' \ https://$HOSTNAME:8443/ca/v2/admin/users/newUser/membership { "id" : "Auditors", "userID" : "newUser" } |
||||||
|
|
None |
204 |
ca, kra, ocsp, tks, tps |
||
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ -X DELETE https://$HOSTNAME:8443/ca/v2/admin/users/newUser/membership/Auditors |
||||||
|
|
None |
200 |
ca, kra, ocsp, tks, tps |
|
|
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ https://$HOSTNAME:8443/ca/v2/audit { "bufferSize" : 512, "Status" : "Enabled", "Signed" : false, "Interval" : 5, "Events" : { "ACCESS_SESSION_ESTABLISH" : "enabled", "ACCESS_SESSION_TERMINATED" : "enabled", "ASYMKEY_GENERATION_REQUEST" : "disabled", "ASYMKEY_GENERATION_REQUEST_PROCESSED" : "disabled", "AUDIT_LOG_DELETE" : "disabled", "AUDIT_LOG_SHUTDOWN" : "disabled", "AUDIT_LOG_SIGNING" : "enabled", "AUDIT_LOG_STARTUP" : "enabled", "AUTH" : "enabled", "AUTHORITY_CONFIG" : "enabled", "AUTHZ" : "enabled", "CERT_PROFILE_APPROVAL" : "enabled", "CERT_REQUEST_PROCESSED" : "enabled", "CERT_SIGNING_INFO" : "enabled", "CERT_STATUS_CHANGE_REQUEST" : "enabled", "CERT_STATUS_CHANGE_REQUEST_PROCESSED" : "enabled", "CIMC_CERT_VERIFICATION" : "disabled", "CLIENT_ACCESS_SESSION_ESTABLISH" : "enabled", "CLIENT_ACCESS_SESSION_TERMINATED" : "enabled", "CMC_ID_POP_LINK_WITNESS" : "disabled", "CMC_PROOF_OF_IDENTIFICATION" : "disabled", "CMC_REQUEST_RECEIVED" : "enabled", "CMC_RESPONSE_SENT" : "enabled", "CMC_SIGNED_REQUEST_SIG_VERIFY" : "enabled", "CMC_USER_SIGNED_REQUEST_SIG_VERIFY" : "enabled", "COMPUTE_RANDOM_DATA_REQUEST" : "disabled", "COMPUTE_RANDOM_DATA_REQUEST_PROCESSED" : "disabled", "COMPUTE_SESSION_KEY_REQUEST" : "disabled", "COMPUTE_SESSION_KEY_REQUEST_PROCESSED" : "disabled", "CONFIG_ACL" : "enabled", "CONFIG_AUTH" : "enabled", "CONFIG_CERT_POLICY" : "disabled", "CONFIG_CERT_PROFILE" : "enabled", "CONFIG_CRL_PROFILE" : "enabled", "CONFIG_DRM" : "disabled", "CONFIG_ENCRYPTION" : "enabled", "CONFIG_OCSP_PROFILE" : "disabled", "CONFIG_ROLE" : "enabled", "CONFIG_SERIAL_NUMBER" : "enabled", "CONFIG_SIGNED_AUDIT" : "enabled", "CONFIG_TOKEN_AUTHENTICATOR" : "disabled", "CONFIG_TOKEN_CONNECTOR" : "disabled", "CONFIG_TOKEN_GENERAL" : "disabled", "CONFIG_TOKEN_MAPPING_RESOLVER" : "disabled", "CONFIG_TOKEN_PROFILE" : "disabled", "CONFIG_TOKEN_RECORD" : "disabled", "CONFIG_TRUSTED_PUBLIC_KEY" : "enabled", "CRL_RETRIEVAL" : "disabled", "CRL_SIGNING_INFO" : "enabled", "CRL_VALIDATION" : "disabled", "DELTA_CRL_GENERATION" : "enabled", "DELTA_CRL_PUBLISHING" : "disabled", "DIVERSIFY_KEY_REQUEST" : "disabled", "DIVERSIFY_KEY_REQUEST_PROCESSED" : "disabled", "ENCRYPT_DATA_REQUEST" : "disabled", "ENCRYPT_DATA_REQUEST_PROCESSED" : "disabled", "FULL_CRL_GENERATION" : "enabled", "FULL_CRL_PUBLISHING" : "disabled", "INTER_BOUNDARY" : "disabled", "KEY_GEN_ASYMMETRIC" : "enabled", "KEY_RECOVERY_AGENT_LOGIN" : "disabled", "KEY_RECOVERY_REQUEST" : "disabled", "KEY_STATUS_CHANGE" : "disabled", "LOG_PATH_CHANGE" : "enabled", "NON_PROFILE_CERT_REQUEST" : "disabled", "OCSP_ADD_CA_REQUEST" : "disabled", "OCSP_ADD_CA_REQUEST_PROCESSED" : "disabled", "OCSP_GENERATION" : "enabled", "OCSP_REMOVE_CA_REQUEST" : "disabled", "OCSP_REMOVE_CA_REQUEST_PROCESSED" : "disabled", "OCSP_SIGNING_INFO" : "enabled", "PROFILE_CERT_REQUEST" : "enabled", "PROOF_OF_POSSESSION" : "enabled", "RANDOM_GENERATION" : "enabled", "ROLE_ASSUME" : "enabled", "SCHEDULE_CRL_GENERATION" : "enabled", "SECURITY_DATA_ARCHIVAL_REQUEST" : "disabled", "SECURITY_DATA_ARCHIVAL_REQUEST_PROCESSED" : "disabled", "SECURITY_DATA_EXPORT_KEY" : "disabled", "SECURITY_DATA_INFO" : "disabled", "SECURITY_DATA_RECOVERY_REQUEST" : "disabled", "SECURITY_DATA_RECOVERY_REQUEST_PROCESSED" : "disabled", "SECURITY_DATA_RECOVERY_REQUEST_STATE_CHANGE" : "disabled", "SECURITY_DOMAIN_UPDATE" : "enabled", "SELFTESTS_EXECUTION" : "enabled", "SERVER_SIDE_KEYGEN_ENROLL_KEYGEN_REQUEST" : "disabled", "SERVER_SIDE_KEYGEN_ENROLL_KEYGEN_REQUEST_PROCESSED" : "disabled", "SERVER_SIDE_KEYGEN_ENROLL_KEY_RETRIEVAL_REQUEST" : "disabled", "SERVER_SIDE_KEYGEN_ENROLL_KEY_RETRIEVAL_REQUEST_PROCESSED" : "disabled", "SERVER_SIDE_KEYGEN_REQUEST" : "enabled", "SERVER_SIDE_KEYGEN_REQUEST_PROCESSED" : "enabled", "SYMKEY_GENERATION_REQUEST" : "disabled", "SYMKEY_GENERATION_REQUEST_PROCESSED" : "disabled", "TOKEN_APPLET_UPGRADE" : "disabled", "TOKEN_AUTH" : "disabled", "TOKEN_CERT_ENROLLMENT" : "disabled", "TOKEN_CERT_RENEWAL" : "disabled", "TOKEN_CERT_RETRIEVAL" : "disabled", "TOKEN_CERT_STATUS_CHANGE_REQUEST" : "disabled", "TOKEN_FORMAT" : "disabled", "TOKEN_KEY_CHANGEOVER" : "disabled", "TOKEN_KEY_CHANGEOVER_REQUIRED" : "disabled", "TOKEN_KEY_RECOVERY" : "disabled", "TOKEN_KEY_SANITY_CHECK" : "disabled", "TOKEN_OP_REQUEST" : "disabled", "TOKEN_PIN_RESET" : "disabled", "TOKEN_STATE_CHANGE" : "disabled" } } |
||||||
|
|
None |
200 |
ca, kra, ocsp, tks, tps |
|
A json with same format returned by |
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ --json @audit.json -X PATCH \ https://$HOSTNAME:8443/ca/v2/audit { "bufferSize" : 512, "Status" : "Enabled", "Signed" : false, "Interval" : 100, "Events" : { "ACCESS_SESSION_ESTABLISH" : "enabled", "ACCESS_SESSION_TERMINATED" : "disabled", "ASYMKEY_GENERATION_REQUEST" : "disabled", "ASYMKEY_GENERATION_REQUEST_PROCESSED" : "disabled", "AUDIT_LOG_DELETE" : "disabled", "AUDIT_LOG_SHUTDOWN" : "disabled", "AUDIT_LOG_STARTUP" : "disabled", "AUTH" : "disabled", "AUTHORITY_CONFIG" : "disabled", "AUTHZ" : "disabled", "CERT_PROFILE_APPROVAL" : "disabled", "CERT_REQUEST_PROCESSED" : "disabled", "CERT_SIGNING_INFO" : "disabled", "CERT_STATUS_CHANGE_REQUEST" : "disabled", "CERT_STATUS_CHANGE_REQUEST_PROCESSED" : "disabled", "CIMC_CERT_VERIFICATION" : "disabled", "CLIENT_ACCESS_SESSION_ESTABLISH" : "disabled", "CLIENT_ACCESS_SESSION_TERMINATED" : "disabled", "CMC_ID_POP_LINK_WITNESS" : "disabled", "CMC_PROOF_OF_IDENTIFICATION" : "disabled", "CMC_REQUEST_RECEIVED" : "disabled", "CMC_RESPONSE_SENT" : "disabled", "CMC_SIGNED_REQUEST_SIG_VERIFY" : "disabled", "CMC_USER_SIGNED_REQUEST_SIG_VERIFY" : "disabled", "COMPUTE_RANDOM_DATA_REQUEST" : "disabled", "COMPUTE_RANDOM_DATA_REQUEST_PROCESSED" : "disabled", "COMPUTE_SESSION_KEY_REQUEST" : "disabled", "COMPUTE_SESSION_KEY_REQUEST_PROCESSED" : "disabled", "CONFIG_ACL" : "disabled", "CONFIG_AUTH" : "disabled", "CONFIG_CERT_POLICY" : "disabled", "CONFIG_CERT_PROFILE" : "disabled", "CONFIG_CRL_PROFILE" : "disabled", "CONFIG_DRM" : "disabled", "CONFIG_ENCRYPTION" : "disabled", "CONFIG_OCSP_PROFILE" : "disabled", "CONFIG_ROLE" : "disabled", "CONFIG_SERIAL_NUMBER" : "disabled", "CONFIG_SIGNED_AUDIT" : "disabled", "CONFIG_TOKEN_AUTHENTICATOR" : "disabled", "CONFIG_TOKEN_CONNECTOR" : "disabled", "CONFIG_TOKEN_GENERAL" : "disabled", "CONFIG_TOKEN_MAPPING_RESOLVER" : "disabled", "CONFIG_TOKEN_PROFILE" : "disabled", "CONFIG_TOKEN_RECORD" : "disabled", "CONFIG_TRUSTED_PUBLIC_KEY" : "disabled", "CRL_RETRIEVAL" : "disabled", "CRL_SIGNING_INFO" : "disabled", "CRL_VALIDATION" : "disabled", "DELTA_CRL_GENERATION" : "disabled", "DELTA_CRL_PUBLISHING" : "disabled", "DIVERSIFY_KEY_REQUEST" : "disabled", "DIVERSIFY_KEY_REQUEST_PROCESSED" : "disabled", "ENCRYPT_DATA_REQUEST" : "disabled", "ENCRYPT_DATA_REQUEST_PROCESSED" : "disabled", "FULL_CRL_GENERATION" : "disabled", "FULL_CRL_PUBLISHING" : "disabled", "INTER_BOUNDARY" : "disabled", "KEY_GEN_ASYMMETRIC" : "disabled", "KEY_RECOVERY_AGENT_LOGIN" : "disabled", "KEY_RECOVERY_REQUEST" : "disabled", "KEY_STATUS_CHANGE" : "disabled", "LOG_PATH_CHANGE" : "disabled", "NON_PROFILE_CERT_REQUEST" : "disabled", "OCSP_ADD_CA_REQUEST" : "disabled", "OCSP_ADD_CA_REQUEST_PROCESSED" : "disabled", "OCSP_GENERATION" : "disabled", "OCSP_REMOVE_CA_REQUEST" : "disabled", "OCSP_REMOVE_CA_REQUEST_PROCESSED" : "disabled", "OCSP_SIGNING_INFO" : "disabled", "PROFILE_CERT_REQUEST" : "disabled", "PROOF_OF_POSSESSION" : "disabled", "RANDOM_GENERATION" : "disabled", "ROLE_ASSUME" : "disabled", "SCHEDULE_CRL_GENERATION" : "disabled", "SECURITY_DATA_ARCHIVAL_REQUEST" : "disabled", "SECURITY_DATA_ARCHIVAL_REQUEST_PROCESSED" : "disabled", "SECURITY_DATA_EXPORT_KEY" : "disabled", "SECURITY_DATA_INFO" : "disabled", "SECURITY_DATA_RECOVERY_REQUEST" : "disabled", "SECURITY_DATA_RECOVERY_REQUEST_PROCESSED" : "disabled", "SECURITY_DATA_RECOVERY_REQUEST_STATE_CHANGE" : "disabled", "SECURITY_DOMAIN_UPDATE" : "disabled", "SELFTESTS_EXECUTION" : "disabled", "SERVER_SIDE_KEYGEN_ENROLL_KEYGEN_REQUEST" : "disabled", "SERVER_SIDE_KEYGEN_ENROLL_KEYGEN_REQUEST_PROCESSED" : "disabled", "SERVER_SIDE_KEYGEN_ENROLL_KEY_RETRIEVAL_REQUEST" : "disabled", "SERVER_SIDE_KEYGEN_ENROLL_KEY_RETRIEVAL_REQUEST_PROCESSED" : "disabled", "SERVER_SIDE_KEYGEN_REQUEST" : "disabled", "SERVER_SIDE_KEYGEN_REQUEST_PROCESSED" : "disabled", "SYMKEY_GENERATION_REQUEST" : "disabled", "SYMKEY_GENERATION_REQUEST_PROCESSED" : "disabled", "TOKEN_APPLET_UPGRADE" : "disabled", "TOKEN_AUTH" : "disabled", "TOKEN_CERT_ENROLLMENT" : "disabled", "TOKEN_CERT_RENEWAL" : "disabled", "TOKEN_CERT_RETRIEVAL" : "disabled", "TOKEN_CERT_STATUS_CHANGE_REQUEST" : "disabled", "TOKEN_FORMAT" : "disabled", "TOKEN_KEY_CHANGEOVER" : "disabled", "TOKEN_KEY_CHANGEOVER_REQUIRED" : "disabled", "TOKEN_KEY_RECOVERY" : "disabled", "TOKEN_KEY_SANITY_CHECK" : "disabled", "TOKEN_OP_REQUEST" : "disabled", "TOKEN_PIN_RESET" : "disabled", "TOKEN_STATE_CHANGE" : "disabled" } } |
||||||
|
|
action (enable/disable) |
200 |
ca, kra, ocsp, tks, tps |
|
No input expected |
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ -X POST "https://$HOSTNAME:8443/ca/v2/audit?action=enable" { "bufferSize" : 512, "Status" : "Enabled", "Signed" : false, "Interval" : 100, "Events" : { "ACCESS_SESSION_ESTABLISH" : "enabled", "ACCESS_SESSION_TERMINATED" : "disabled", "ASYMKEY_GENERATION_REQUEST" : "disabled", "ASYMKEY_GENERATION_REQUEST_PROCESSED" : "disabled", "AUDIT_LOG_DELETE" : "disabled", "AUDIT_LOG_SHUTDOWN" : "disabled", "AUDIT_LOG_STARTUP" : "disabled", "AUTH" : "disabled", "AUTHORITY_CONFIG" : "disabled", "AUTHZ" : "disabled", "CERT_PROFILE_APPROVAL" : "disabled", "CERT_REQUEST_PROCESSED" : "disabled", "CERT_SIGNING_INFO" : "disabled", "CERT_STATUS_CHANGE_REQUEST" : "disabled", "CERT_STATUS_CHANGE_REQUEST_PROCESSED" : "disabled", "CIMC_CERT_VERIFICATION" : "disabled", "CLIENT_ACCESS_SESSION_ESTABLISH" : "disabled", "CLIENT_ACCESS_SESSION_TERMINATED" : "disabled", "CMC_ID_POP_LINK_WITNESS" : "disabled", "CMC_PROOF_OF_IDENTIFICATION" : "disabled", "CMC_REQUEST_RECEIVED" : "disabled", "CMC_RESPONSE_SENT" : "disabled", "CMC_SIGNED_REQUEST_SIG_VERIFY" : "disabled", "CMC_USER_SIGNED_REQUEST_SIG_VERIFY" : "disabled", "COMPUTE_RANDOM_DATA_REQUEST" : "disabled", "COMPUTE_RANDOM_DATA_REQUEST_PROCESSED" : "disabled", "COMPUTE_SESSION_KEY_REQUEST" : "disabled", "COMPUTE_SESSION_KEY_REQUEST_PROCESSED" : "disabled", "CONFIG_ACL" : "disabled", "CONFIG_AUTH" : "disabled", "CONFIG_CERT_POLICY" : "disabled", "CONFIG_CERT_PROFILE" : "disabled", "CONFIG_CRL_PROFILE" : "disabled", "CONFIG_DRM" : "disabled", "CONFIG_ENCRYPTION" : "disabled", "CONFIG_OCSP_PROFILE" : "disabled", "CONFIG_ROLE" : "disabled", "CONFIG_SERIAL_NUMBER" : "disabled", "CONFIG_SIGNED_AUDIT" : "disabled", "CONFIG_TOKEN_AUTHENTICATOR" : "disabled", "CONFIG_TOKEN_CONNECTOR" : "disabled", "CONFIG_TOKEN_GENERAL" : "disabled", "CONFIG_TOKEN_MAPPING_RESOLVER" : "disabled", "CONFIG_TOKEN_PROFILE" : "disabled", "CONFIG_TOKEN_RECORD" : "disabled", "CONFIG_TRUSTED_PUBLIC_KEY" : "disabled", "CRL_RETRIEVAL" : "disabled", "CRL_SIGNING_INFO" : "disabled", "CRL_VALIDATION" : "disabled", "DELTA_CRL_GENERATION" : "disabled", "DELTA_CRL_PUBLISHING" : "disabled", "DIVERSIFY_KEY_REQUEST" : "disabled", "DIVERSIFY_KEY_REQUEST_PROCESSED" : "disabled", "ENCRYPT_DATA_REQUEST" : "disabled", "ENCRYPT_DATA_REQUEST_PROCESSED" : "disabled", "FULL_CRL_GENERATION" : "disabled", "FULL_CRL_PUBLISHING" : "disabled", "INTER_BOUNDARY" : "disabled", "KEY_GEN_ASYMMETRIC" : "disabled", "KEY_RECOVERY_AGENT_LOGIN" : "disabled", "KEY_RECOVERY_REQUEST" : "disabled", "KEY_STATUS_CHANGE" : "disabled", "LOG_PATH_CHANGE" : "disabled", "NON_PROFILE_CERT_REQUEST" : "disabled", "OCSP_ADD_CA_REQUEST" : "disabled", "OCSP_ADD_CA_REQUEST_PROCESSED" : "disabled", "OCSP_GENERATION" : "disabled", "OCSP_REMOVE_CA_REQUEST" : "disabled", "OCSP_REMOVE_CA_REQUEST_PROCESSED" : "disabled", "OCSP_SIGNING_INFO" : "disabled", "PROFILE_CERT_REQUEST" : "disabled", "PROOF_OF_POSSESSION" : "disabled", "RANDOM_GENERATION" : "disabled", "ROLE_ASSUME" : "disabled", "SCHEDULE_CRL_GENERATION" : "disabled", "SECURITY_DATA_ARCHIVAL_REQUEST" : "disabled", "SECURITY_DATA_ARCHIVAL_REQUEST_PROCESSED" : "disabled", "SECURITY_DATA_EXPORT_KEY" : "disabled", "SECURITY_DATA_INFO" : "disabled", "SECURITY_DATA_RECOVERY_REQUEST" : "disabled", "SECURITY_DATA_RECOVERY_REQUEST_PROCESSED" : "disabled", "SECURITY_DATA_RECOVERY_REQUEST_STATE_CHANGE" : "disabled", "SECURITY_DOMAIN_UPDATE" : "disabled", "SELFTESTS_EXECUTION" : "disabled", "SERVER_SIDE_KEYGEN_ENROLL_KEYGEN_REQUEST" : "disabled", "SERVER_SIDE_KEYGEN_ENROLL_KEYGEN_REQUEST_PROCESSED" : "disabled", "SERVER_SIDE_KEYGEN_ENROLL_KEY_RETRIEVAL_REQUEST" : "disabled", "SERVER_SIDE_KEYGEN_ENROLL_KEY_RETRIEVAL_REQUEST_PROCESSED" : "disabled", "SERVER_SIDE_KEYGEN_REQUEST" : "disabled", "SERVER_SIDE_KEYGEN_REQUEST_PROCESSED" : "disabled", "SYMKEY_GENERATION_REQUEST" : "disabled", "SYMKEY_GENERATION_REQUEST_PROCESSED" : "disabled", "TOKEN_APPLET_UPGRADE" : "disabled", "TOKEN_AUTH" : "disabled", "TOKEN_CERT_ENROLLMENT" : "disabled", "TOKEN_CERT_RENEWAL" : "disabled", "TOKEN_CERT_RETRIEVAL" : "disabled", "TOKEN_CERT_STATUS_CHANGE_REQUEST" : "disabled", "TOKEN_FORMAT" : "disabled", "TOKEN_KEY_CHANGEOVER" : "disabled", "TOKEN_KEY_CHANGEOVER_REQUIRED" : "disabled", "TOKEN_KEY_RECOVERY" : "disabled", "TOKEN_KEY_SANITY_CHECK" : "disabled", "TOKEN_OP_REQUEST" : "disabled", "TOKEN_PIN_RESET" : "disabled", "TOKEN_STATE_CHANGE" : "disabled" } } |
||||||
|
|
None |
200 |
ca, kra, ocsp, tks, tps |
|
|
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ https://$HOSTNAME:8443/ca/v2/audit/files { "total" : 1, "entries" : [ { "name" : "ca_audit", "size" : 77606 } ] } |
||||||
|
|
None |
200 |
ca, kra, ocsp, tks, tps |
|
|
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ https://$HOSTNAME:8443/ca/v2/audit/files/ca_audit 0.main - [29/Oct/2024:11:09:28 UTC] [14] [6] [AuditEvent=CERT_SIGNING_INFO][SubjectID=$System$][Outcome=Success][SKI=A7:7D:F6:2D:4E:E2:68:14:59:66:A3:8C:AD:E4:F3:76:C4:00:E1:25] certificate signing info 0.main - [29/Oct/2024:11:09:28 UTC] [14] [6] [AuditEvent=CRL_SIGNING_INFO][SubjectID=$System$][Outcome=Success][SKI=A7:7D:F6:2D:4E:E2:68:14:59:66:A3:8C:AD:E4:F3:76:C4:00:E1:25] CRL signing info 0.main - [29/Oct/2024:11:09:28 UTC] [14] [6] [AuditEvent=OCSP_SIGNING_INFO][SubjectID=$System$][Outcome=Success][SKI=AB:AF:55:C8:C0:97:C8:B6:AA:47:0D:D0:66:C6:15:E1:B1:EF:EF:77] OCSP signing info 0.main - [29/Oct/2024:11:09:29 UTC] [14] [6] [AuditEvent=SELFTESTS_EXECUTION][SubjectID=$System$][Outcome=Success] self tests execution (see selftests.log for details) 0.https-jsse-jss-nio-8443-exec-1 - [29/Oct/2024:11:09:31 UTC] [14] [6] [AuditEvent=ACCESS_SESSION_ESTABLISH][ClientIP=172.18.0.3][ServerIP=172.18.0.3][SubjectID=--][CertSerialNum=--][IssuerDN=--][Outcome=Success] access session establish success 0.https-jsse-jss-nio-8443-exec-2 - [29/Oct/2024:11:09:31 UTC] [14] [6] [AuditEvent=ACCESS_SESSION_TERMINATED][ClientIP=172.18.0.3][ServerIP=172.18.0.3][SubjectID=--][CertSerialNum=--][IssuerDN=--][Outcome=Success][Info=serverAlertSent: CLOSE_NOTIFY] access session terminated 0.https-jsse-jss-nio-8443-exec-3 - [29/Oct/2024:11:09:32 UTC] [14] [6] [AuditEvent=ACCESS_SESSION_ESTABLISH][ClientIP=172.18.0.3][ServerIP=172.18.0.3][SubjectID=--][CertSerialNum=--][IssuerDN=--][Outcome=Success] access session establish success 0.https-jsse-jss-nio-8443-exec-3 - [29/Oct/2024:11:09:32 UTC] [14] [6] [AuditEvent=ACCESS_SESSION_TERMINATED][ClientIP=172.18.0.3][ServerIP=172.18.0.3][SubjectID=--][CertSerialNum=--][IssuerDN=--][Outcome=Success][Info=serverAlertSent: CLOSE_NOTIFY] access session terminated 0.https-jsse-jss-nio-8443-exec-4 - [29/Oct/2024:11:44:30 UTC] [14] [6] [AuditEvent=ACCESS_SESSION_ESTABLISH][ClientIP=172.18.0.3][ServerIP=172.18.0.3][SubjectID=--][CertSerialNum=--][IssuerDN=--][Outcome=Success] access session establish success 0.https-jsse-jss-nio-8443-exec-4 - [29/Oct/2024:11:44:30 UTC] [14] [6] [AuditEvent=ACCESS_SESSION_TERMINATED][ClientIP=172.18.0.3][ServerIP=172.18.0.3][SubjectID=--][CertSerialNum=--][IssuerDN=--][Outcome=Success][Info=serverAlertReceived: CLOSE_NOTIFY] access session terminated 0.https-jsse-jss-nio-8443-exec-4 - [29/Oct/2024:11:44:30 UTC] [14] [6] [AuditEvent=ACCESS_SESSION_TERMINATED][ClientIP=172.18.0.3][ServerIP=172.18.0.3][SubjectID=--][CertSerialNum=--][IssuerDN=--][Outcome=Success][Info=serverAlertSent: CLOSE_NOTIFY] access session terminated 0.https-jsse-jss-nio-8443-exec-5 - [29/Oct/2024:11:45:53 UTC] [14] [6] [AuditEvent=ACCESS_SESSION_ESTABLISH][ClientIP=172.18.0.3][ServerIP=172.18.0.3][SubjectID=--][CertSerialNum=--][IssuerDN=--][Outcome=Failure][Info=serverAlertSent: UNEXPECTED_MESSAGE] access session establish failure 0.https-jsse-jss-nio-8443-exec-6 - [29/Oct/2024:11:46:37 UTC] [14] [6] [AuditEvent=ACCESS_SESSION_ESTABLISH][ClientIP=172.18.0.3][ServerIP=172.18.0.3][SubjectID=--][CertSerialNum=--][IssuerDN=--][Outcome=Success] access session establish success 0.https-jsse-jss-nio-8443-exec-6 - [29/Oct/2024:11:46:37 UTC] [14] [6] [AuditEvent=ACCESS_SESSION_TERMINATED][ClientIP=172.18.0.3][ServerIP=172.18.0.3][SubjectID=--][CertSerialNum=--][IssuerDN=--][Outcome=Success][Info=serverAlertReceived: CLOSE_NOTIFY] access session terminated 0.https-jsse-jss-nio-8443-exec-6 - [29/Oct/2024:11:46:37 UTC] [14] [6] [AuditEvent=ACCESS_SESSION_TERMINATED][ClientIP=172.18.0.3][ServerIP=172.18.0.3][SubjectID=--][CertSerialNum=--][IssuerDN=--][Outcome=Success][Info=serverAlertSent: CLOSE_NOTIFY] access session terminated |
||||||
|
|
None |
200 |
ca |
||
Example$ curl --cacert ./ca_signing.crt \ https://$HOSTNAME:8443/ca/v2/config/features [{"id":"authority","description":"Lightweight CAs","version":"1.0","enabled":true}] |
||||||
|
|
None |
200 |
ca |
|
|
Example$ curl --cacert ./ca_signing.crt https://$HOSTNAME:8443/ca/v2/config/features/authority { "id" : "authority", "description" : "Lightweight CAs", "version" : "1.0", "enabled" : true } |
||||||
|
|
None |
200 |
ca, kra, ocsp, tks, tps |
|
|
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ https://$HOSTNAME:8443/ca/v2/jobs { "entries" : [ { "id" : "certRenewalNotifier", "enabled" : false, "cron" : "0 3 * * 1-5", "pluginName" : "RenewalNotificationJob", "parameters" : { } }, { "id" : "pruning", "enabled" : false, "pluginName" : "PruningJob", "parameters" : { } }, { "id" : "publishCerts", "enabled" : false, "cron" : "0 0 * * 2", "pluginName" : "PublishCertsJob", "parameters" : { } }, { "id" : "requestInQueueNotifier", "enabled" : false, "cron" : "0 0 * * 0", "pluginName" : "RequestInQueueJob", "parameters" : { } }, { "id" : "serialNumberUpdate", "enabled" : false, "pluginName" : "SerialNumberUpdateJob", "parameters" : { } }, { "id" : "unpublishExpiredCerts", "enabled" : false, "cron" : "0 0 * * 6", "pluginName" : "UnpublishExpiredJob", "parameters" : { } } ] } |
||||||
|
|
None |
200 |
ca, kra, ocsp, tks, tps |
|
|
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ https://$HOSTNAME:8443/ca/v2/jobs/serialNumberUpdate { "id" : "serialNumberUpdate", "enabled" : false, "pluginName" : "SerialNumberUpdateJob", "parameters" : { } } |
||||||
|
|
None |
200 |
ca, kra, ocsp, tks, tps |
No output |
No input expected |
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ https://$HOSTNAME:8443/ca/v2/jobs/serialNumberUpdate/start |
||||||
|
|
None |
200 |
ca, kra, ocsp, tks, tps |
|
|
Example$ curl --cacert ./ca_signing.crt \ https://$HOSTNAME:8443/ca/v2/securityDomain/domainInfo { "subsystemArray" : [ { "hosts" : { "CA pki.example.com 8443" : { "id" : "CA pki.example.com 8443", "Hostname" : "pki.example.com", "Port" : "8080", "SecurePort" : "8443", "SecureEEClientAuthPort" : "8443", "SecureAgentPort" : "8443", "SecureAdminPort" : "8443", "Clone" : "FALSE", "SubsystemName" : "CA pki.example.com 8443", "DomainManager" : "TRUE" } }, "hostArray" : [ { "id" : "CA pki.example.com 8443", "Hostname" : "pki.example.com", "Port" : "8080", "SecurePort" : "8443", "SecureEEClientAuthPort" : "8443", "SecureAgentPort" : "8443", "SecureAdminPort" : "8443", "Clone" : "FALSE", "SubsystemName" : "CA pki.example.com 8443", "DomainManager" : "TRUE" } ], "id" : "CA" } ], "id" : "EXAMPLE", "subsystems" : { "CA" : { "hosts" : { "CA pki.example.com 8443" : { "id" : "CA pki.example.com 8443", "Hostname" : "pki.example.com", "Port" : "8080", "SecurePort" : "8443", "SecureEEClientAuthPort" : "8443", "SecureAgentPort" : "8443", "SecureAdminPort" : "8443", "Clone" : "FALSE", "SubsystemName" : "CA pki.example.com 8443", "DomainManager" : "TRUE" } }, "hostArray" : [ { "id" : "CA pki.example.com 8443", "Hostname" : "pki.example.com", "Port" : "8080", "SecurePort" : "8443", "SecureEEClientAuthPort" : "8443", "SecureAgentPort" : "8443", "SecureAdminPort" : "8443", "Clone" : "FALSE", "SubsystemName" : "CA pki.example.com 8443", "DomainManager" : "TRUE" } ], "id" : "CA" } } } |
||||||
|
|
None |
200 |
ca, kra, ocsp, tks, tps |
|
|
Example$ curl --cacert ./ca_signing.crt \ https://$HOSTNAME:8443/ca/v2/securityDomain/hosts [{"id":"CA pki.example.com 8443","Hostname":"pki.example.com","Port":"8080","SecurePort":"8443","SecureEEClientAuthPort":"8443","SecureAgentPort":"8443","SecureAdminPort":"8443","Clone":"FALSE","SubsystemName":"CA pki.example.com 8443","DomainManager":"TRUE"}] |
||||||
|
|
None |
204 |
ca, kra, ocsp, tks, tps |
|
Security domain host json with |
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ --json '{"id":"CA pki2.example.com 8443","Hostname":"pki2.example.com","Port":"8080","SecurePort":"8443","SecureEEClientAuthPort":"8443","SecureAgentPort":"8443","SecureAdminPort":"8443","Clone":"TRUE","SubsystemName":"CA pki2.example.com 8443","DomainManager":"FALSE"}' \ -X PUT https://$HOSTNAME:8443/ca/v2/securityDomain/hosts |
||||||
|
|
None |
200 |
ca, kra, ocsp, tks, tps |
|
|
Example$ curl --cacert ./ca_signing.crt \ https://$HOSTNAME:8443/ca/v2/securityDomain/hosts/CA%20pki.example.com%208443 { "id" : "CA pki.example.com 8443", "Hostname" : "pki.example.com", "Port" : "8080", "SecurePort" : "8443", "SecureEEClientAuthPort" : "8443", "SecureAgentPort" : "8443", "SecureAdminPort" : "8443", "Clone" : "FALSE", "SubsystemName" : "CA pki.example.com 8443", "DomainManager" : "TRUE" } |
||||||
|
|
None |
204 |
ca, kra, ocsp, tks, tps |
||
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ -X DELETE https://$HOSTNAME:8443/ca/v2/securityDomain/hosts/CA%20pki.example.com%208443 |
||||||
|
|
hostname, subsystem |
200 |
ca, kra, ocsp, tks, tps |
|
|
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ "https://$HOSTNAME:8443/ca/v2/securityDomain/installToken?hostname=pki.example.com&subsystem=CA" { "token" : "4984326538499940852" } |
||||||
|
|
start, size, filter |
200 |
ca, kra, ocsp, tks, tps |
|
|
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ "https://$HOSTNAME:8443/ca/v2/selftests?start=2" { "total" : 3, "entries" : [ { "id" : "SystemCertsVerification", "enabledAtStartup" : true, "criticalAtStartup" : true, "enabledOnDemand" : true, "criticalOnDemand" : true } ] } |
||||||
|
|
action (run) |
204 |
ca, kra, ocsp, tks, tps |
No output |
No input expected |
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ -X POST "https://$HOSTNAME:8443/ca/v2/selftests?action=run" |
||||||
|
|
None |
200 |
ca, kra, ocsp, tks, tps |
|
|
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ https://$HOSTNAME:8443/ca/v2/selftests/CAValidity { "id" : "CAValidity", "enabledAtStartup" : false, "enabledOnDemand" : true, "criticalOnDemand" : true } |
||||||
|
|
None |
200 |
ca, kra, ocsp, tks, tps |
|
No input expected |
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ -X POST https://$HOSTNAME:8443/ca/v2/selftests/run { "entries" : [ { "id" : "CAPresence", "status" : "PASSED" }, { "id" : "SystemCertsVerification", "status" : "PASSED" }, { "id" : "CAValidity", "status" : "PASSED" } ] } |
||||||
|
|
None |
200 |
ca, kra, ocsp, tks, tps |
|
No input expected |
Example$ curl --cacert ./ca_signing.crt -b session_cookie \ -X POST https://$HOSTNAME:8443/ca/v2/selftests/CAPresence/run { "id" : "CAPresence", "status" : "PASSED" } |
Note
|
endpoints requiring authentication can be accessed providing the session cookie retrieved in the login api (/<app>/v2/account/login ) or the user credentials (user/password or certificates).
|
Tip
|
To find a page in the Wiki, enter the keywords in search field, press Enter, then click Wikis. |